Releases: Shepard2154/VexRAG
Releases · Shepard2154/VexRAG
Release list
v0.2.1
Patch: fix README logo on PyPI (absolute GitHub raw URL). No code changes vs 0.2.0.
Full Changelog: v0.2.0...v0.2.1
v0.2.0
VexRAG 0.2.0
Upgrade from 0.1.3. This release refactors the CLI and core, tightens configuration defaults, improves retrieval persistence, and updates licensing and packaging.
License
- Project license changed from MIT to Apache-2.0 (
pyproject.tomlandLICENSE).
CLI and layout
- CLI logic moved to
vexrag/usecases/with thin handlers and presentation undervexrag/cli/(vx scan,vx doctor,vx generate-cases). - Legacy
vexrag/webapplication modules removed; only a minimal package stub may remain for compatibility—do not rely on a bundled web UI.
Configuration (breaking)
- Legacy evaluations configuration paths removed; use the current scan evaluation builder/options.
- Cleanup after scan is enabled by default (poisoned corpus cleanup unless you opt out).
- Preflight now validates only the selected attack instead of preflighting the entire config surface.
Optional dependencies
- New extra:
sentence-transformers— install withpip install vexrag[sentence-transformers]when using local embedding providers that need it. - Vector store extras unchanged in spirit:
qdrant,chroma,faiss.
Fixes
- FAISS corpus persistence is crash-safe and self-healing (atomic writes / recovery).
- rag_examples medium NQ examples adjusted for smoke and E2E stability; native vector-DB poisoner smoke configs added.
Examples and paths
- Example tree renamed from
RAG examples/torag_examples/(lowercase, underscore). - Huge example subtree removed from the repo layout; see
rag_examples/README.mdfor current small/medium targets. - Sample RAG targets still default to
http://localhost:8080— run one example at a time.
Tooling and quality
- Strict mypy on
vexrag/, expanded domain-structured tests, CI workflow updates, and PyPI publish workflow added. - vLLM preflight support for configured providers.
Security notice
VexRAG is intended for security testing your own RAG in a controlled, isolated environment — not production. Attack tooling and poisoned corpora can harm systems if misused.
Upgrade checklist (0.1.3 → 0.2.0)
- Re-read
LICENSE(Apache-2.0). - Update scan YAML: drop legacy evaluations blocks; confirm cleanup default meets your workflow.
- Point scripts and docs at
rag_examples/paths. - Install optional extras as needed:
[faiss],[chroma],[qdrant],[sentence-transformers]. - Re-run
vx doctoragainst your config before long scans.
Full commit range: v0.1.3..v0.2.0 (35 commits on branch history since tag v0.1.3).